12.4.1 VACM configuration
Cable2Home 1.0 specifies MSO control of the Cable2Home management domain. An example of the configuration of VACM parameters is shown in figure 35.
[Sequence diagram. Participants: LAN IP Device, CTP, PS (Internal DB), SNMP Agent, WAN/HeadEnd. Messages: SNMP Set Request, Update Database, SNMP Set Response. Step: Configure VACM Parameters for MSO Control (vacmContextName, vacmSecurityToGroup, vacmSecurityModel, vacmSecurityName, vacmSecurityToGroupStorageType, vacmAccessEntry).]
Figure 35: PS configuration (VACM Parameters) sequence
12.4.2 Management event messaging configuration
12.4.2.1 CMP event notification operation
Cable2Home events are reported through local event logging, SNMP TRAP, SNMP INFORM messages and SYSLOG. The event notification mechanism can be set or modified by the NMS, by issuing an SNMP Set-Request message to the PS WAN-Man address.
The following example illustrates configuring the PS database to store events in local log files. Local log events are of two types:
• local non-volatile; and
• local volatile.
The NMS will read the content of the local log and write that content to the Headend event logging system. A PS reboot causes only the volatile events to be cleared from the PS database. Nonvolatile events persist across reboots.
[Sequence diagram. Participants: LAN IP Device, PS LAN-side, PS internal / database, PS-CMP, WAN / Headend. Steps: SNMP Set Request (Set Event Notification local log files), Update Database, SNMP Set Response; SNMP Get Request (Request local log event table), Query Database, SNMP Get Response (Report local log event table); PS Reboot (Clear local volatile log file, keep nonvolatile log file); Synchronize and reapply nonvolatile log file; PS Reboot finished; Resume operation.]
Figure 36: PS configuration (event control) sequence
The next scenario illustrates the download of a configuration file for a PS in SNMP Provisioning Mode. This process is triggered via an SNMP Set Request. The PS must verify this file before accepting it. In the example, a TLV error exists and is reported. Since the event notification is set to the SNMP TRAP mode, the address of the TRAP server is retrieved from the PS database and the event is sent to that TRAP server.
[Sequence diagram. Participants: WAN / Headend, PS / WAN-side, PS internal / database, PS / LAN-side, LAN IP Device. Steps: SNMP Set Request (Set Event Notification TRAP), Update Database, SNMP Set Response; SNMP Set Request (Set configuration file), SNMP Set Response, Update Database; Verifying Configuration file, TLVs generated errors; Retrieve trap Server Address; SNMP Trap (Report to trap Server).]
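The verify-before-accept step described above, as an added example that is not part of the Cable2Home specification: the file is rejected as a whole on the first TLV error, the previous configuration is kept, and one event is routed to the trap server address held in the database. The 1-byte type / 1-byte length encoding, the allowed type set, the end marker and the names `verify_tlvs`, `process_config` and `db` are assumptions made for illustration.

```python
# Added illustration; encoding and names are assumptions, not the spec's.
ALLOWED_TYPES = {1, 2, 3}          # hypothetical set of known TLV types
END_OF_DATA = 0xFF                 # hypothetical end-of-data marker


def verify_tlvs(blob: bytes):
    """Return (tlvs, error). error is None only if the whole file parses."""
    tlvs, pos = [], 0
    while pos < len(blob):
        t = blob[pos]
        if t == END_OF_DATA:
            return tlvs, None
        if pos + 2 > len(blob):
            return [], f"truncated header at offset {pos}"
        length = blob[pos + 1]
        value = blob[pos + 2:pos + 2 + length]
        if len(value) != length:
            return [], f"type {t} at offset {pos}: length {length} overruns file"
        if t not in ALLOWED_TYPES:
            return [], f"unknown type {t} at offset {pos}"
        tlvs.append((t, value))
        pos += 2 + length
    return [], "missing end-of-data marker"


def process_config(blob: bytes, db: dict):
    """Apply the file only if it verifies; otherwise emit one event."""
    tlvs, error = verify_tlvs(blob)
    if error is None:
        db["config"] = tlvs
        return {"accepted": True, "event": None}
    # Fail closed: previous config stays; report via the configured mechanism.
    event = {"via": db["event_notification"], "to": db["trap_server"],
             "text": f"config file rejected: {error}"}
    return {"accepted": False, "event": event}


# Constructed sample inputs.
GOOD = bytes([1, 2, 0xAA, 0xBB, 2, 1, 0x01, 0xFF])
BAD = bytes([1, 2, 0xAA, 0xBB, 2, 9, 0x01, 0xFF])   # length 9 overruns file
```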
The next example in this clause illustrates the process of a LAN IP Device trying to obtain an IP address from the local DHCP server (CDS). The CDS function checks the PS database for an available IP address. In this case, the CDS detects that no IP address is available from the address pool and it generates an event to SYSLOG.
[Sequence diagram. Participants: NMS, CMP, PS Database, CDP, LAN IP Device. Steps: SNMP Set Request (Set Event Notification SYSLOG), Update Database, SNMP Set Response; Client acquiring an IP Address; Accessing Address Count parameters generates exceeded; Retrieve SYSLOG Server Address; Report to SYSLOG Server.]
Figure 38: LAN IP device address acquisition (request exceeds provisioned count) sequence
12.4.2.2
Example CMP event throttling and limiting operation
Cable2Home provides an event throttling mechanism via the CMP functionality of the PS. Event throttling and limiting is very flexible and can include cases in which all events are reported and cases in which no events are reported to the NMS. Refer to clause 6.5.3 for a description of the CMP Event Throttling and Limiting mechanism.
The example shown below illustrates configuring the PS database to return events via the SNMP INFORM method. Initially, several INFORM messages are written to the local log file and delivered to the NMS. The event throttling mechanism sets the limit of the number of events that can be sent to the NMS within a given time frame. When that limit is reached, the PS will stop sending INFORM messages to the NMS. In order to restart the event notification, the NMS should re-enable the event reporting.
[Sequence diagram. Participants: LAN IP Device, PS / LAN-side, PS internal / database, PS-CMP, WAN / Headend. Steps: SNMP Set Request (Set Event Notification INFORM), Update Database, SNMP Set Response; SNMP Set Request (Set Event Throttle stopAtThreshold), SNMP Set Response, Update Database; inbound traffic; PS detects denial of service threat; Update Database; SNMP INFORM (Report to trap Server); SNMP INFORM Reply from trap Server; deliver to client on LAN; Time passed; Exceeded event threshold; Stop update Database.]
Figure 40: CMP event throttling and limiting operation
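The stopAtThreshold behaviour described above, as an added example that is not taken from the Cable2Home specification: reporting latches off once the limit is reached and stays off after time has passed, until the NMS re-enables it. The class and method names, the sliding-window counting and the choice to keep logging locally while reporting is stopped are assumptions for illustration.

```python
# Added illustration of stopAtThreshold behaviour; names and window
# semantics are assumptions, not taken from the Cable2Home MIBs.
class EventReporter:
    def __init__(self, threshold: int, interval: float):
        self.threshold = threshold    # max INFORMs per interval
        self.interval = interval      # seconds
        self.sent_times = []          # timestamps of delivered INFORMs
        self.stopped = False          # latched once the limit is hit
        self.local_log = []           # assumed: events are still logged locally
        self.suppressed = 0           # events the NMS never saw

    def report(self, now: float, text: str) -> bool:
        """Log the event; return True if an INFORM went to the NMS."""
        self.local_log.append((now, text))
        if self.stopped:
            self.suppressed += 1
            return False
        # Keep only deliveries inside the current sliding window.
        self.sent_times = [t for t in self.sent_times
                           if now - t < self.interval]
        if len(self.sent_times) >= self.threshold:
            self.stopped = True       # stays stopped even after time passes
            self.suppressed += 1
            return False
        self.sent_times.append(now)
        return True

    def reenable(self) -> int:
        """NMS action (an SNMP Set in the real system) that restarts reporting."""
        self.stopped = False
        self.sent_times.clear()
        missed, self.suppressed = self.suppressed, 0
        return missed                 # number of events the NMS did not receive


def simulate():
    ps = EventReporter(threshold=3, interval=10.0)
    # Constructed burst: six events in three seconds, then a quiet period.
    burst = [ps.report(t * 0.5, "denial of service threat") for t in range(6)]
    late = ps.report(60.0, "denial of service threat")   # window long expired
    missed = ps.reenable()
    after = ps.report(61.0, "denial of service threat")
    return burst, late, missed, after, len(ps.local_log)
```

The `missed` count returned by `reenable` is the gap an operator has to backfill from the local log after an event flood.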
13 Provisioning processes
This clause describes the processes involved when using the Provisioning Tools, described in clause 7, for initial provisioning of LAN IP Device and the PS element. Cable2Home specifications refer to provisioning as the following three tasks:
1) Acquiring network addresses.
2) Acquiring server information.
3) Secure download and processing of the PS Configuration File.
Provisioning processes are described in this clause for each of the following relevant Cable2Home cases:
• PS WAN-Man - Provisioning of the PS WAN based management functionality;
• PS WAN Data - Provisioning of PS WAN-Data IP addresses to be used for creating CAT Mappings to LAN IP Devices in the LAN-Trans address realm;
• LAN IP Device in the LAN-Trans Realm - Provisioning of a LAN IP Device with a translated IP address;
• LAN IP Device in the LAN-Pass Realm - Provisioning of a LAN IP Device with an IP address that is passed through to the WAN.
Provisioning of the DOCSIS cable modem element of an embedded PS is separate and distinct from Cable2Home provisioning and is out of scope for Cable2Home. The reader is referred to DOCSIS specifications for descriptions of cable modem provisioning.
The functional elements with which the Cable2Home Portal Services element interacts during the provisioning processes listed above are identified in figure 41. The Key Distribution Center (KDC) functional element is shown with a broken outline since it is used in SNMP Provisioning Mode but not in DHCP Provisioning Mode. The other functional elements are used in both provisioning modes.
[Diagram. Functional elements: HA/PS, KDC, Syslog Server, DHCP server, TOD server, TFTP server, SNMP Manager / NMS, LAN IP Device (LAN-Trans), LAN IP Device (LAN-Pass).]
Figure 41: Cable2Home provisioning functional elements
The Trivial File Transfer Protocol (TFTP) server provides access to the PS Configuration File for the PS and follows rules described in RFC 1350 [21]. The Time of Day (ToD) server provides the means for the PS to acquire the current time in UTC format as described in RFC 868 [16]. The Dynamic Host Configuration Protocol (DHCP) server provides the PS with private and/or global IP addresses following RFC 2131 [24] as well as providing other information via DHCP options in accordance with RFC 2132 [25]. The Network Management System (NMS) Simple Network Management Protocol (SNMP) Manager complies with RFC 1157 [20] and possibly with more current versions of the SNMP, e.g. RFC 2571 [46], RFC 2572 [47], RFC 2574 [49] and RFC 2575 [50]. The Key Distribution Center (KDC) manages authorization and encryption keys for establishing trust between networked elements and implements rules defined in RFC 1949 [61]. The System Log (SYSLOG) server handles event messages generated by the PS and by LAN IP Devices in the home. The PS implements clients for these Headend servers and uses these client functions during the provisioning processes described in this clause to accomplish the tasks listed at the beginning of this clause.